The honeymoon didn’t last, however. More recent tests have shown that MSE doesn’t provide the features users should look for in an effective anti-virus. Here’s where it falls short – and what you should look for in a replacement.

Early versions of MSE scored well in independent tests, but the high marks didn’t last. The latest AV-Test results found Microsoft’s suite to be the least effective, as it blocked only 93% of known threats and 71% of zero-day attacks.

Those numbers might seem okay – until you look at the competitors. Avast free antivirus, for example, blocked 100% of known threats and 98% of zero-day attacks. That means that if you have 100 computers with MSE, and 100 with Avast, the group running MSE would fall victim to 14 zero-day attacks for every single attack that slips by Avast.

MSE’s failure to keep up with the competition highlights the fact that security is a field that changes constantly. An app that scores very well can slip behind the competition within a year if it’s not kept up to date. This is why you should always consult independent testing organizations like AV-Test and AV-Comparatives before deciding on an antivirus.

There’s More To An Antivirus Than The Antivirus

Microsoft’s decision to release an antivirus for Windows was the right choice, yet it was also hopelessly out of date. Security has long passed the point where a simple antivirus is sufficient for most users.

There are many other avenues of attack, and some can be used to circumvent an antivirus entirely. Phishing is perhaps the most common. A phishing attack4 General Methods You Can Use To Detect Phishing Attacks4 General Methods You Can Use To Detect Phishing AttacksA "phish" is a term for a scam website that tries to look like a site that you know might well and visit often. The act of all these sites trying to steal your account...Read More is an attempt to steal sensitive information, like passwords or credit card information, by posing as a legitimate business or authority. The best phishing attacks use URL trickery and expertly re-created websites to fool all but the most attentive users. Any antivirus suite worth selling for more than a few bucks offers anti-phishing tools that can spot suspicious URLs and website, but MSE offers no such feature.

And that’s just one of the many extras a modern antivirus suite can offer. Most also provide a secure file shredder, a firewall that’s easier to use than that built into Windows, a safe payment sandbox, cloud-powered spam detection, and a utility for removing even the most robust threats (like rootkits).

Popularity Is A Problem

Ironically, MSE has fallen victim to the problem it was meant to solve. Windows has always been the most popular target of malware because it’s the most popular operating system. Now that MSE is out, and used by millions of users, it too has become a target.

Whether this is the reason why the software suffers from such low scores in independent tests is hard to say. The idea that malware developers might be taking MSE into account when creating a new Trojan or virus is plausible, but also hard to prove one way or the other.

What’s certain, though, is that developers of rogue antivirus software have used the existence of MSE as cover for numerous fakes. These apps look like MSE, but actually serve as an avenue for the installation of ad-ware. Other fakes prey on unsuspecting users who don’t know the software is free and trick them into paying.

Security giants like Norton and McAfee have also had issues with fakes, but nothing on the scale of MSE. Security through obscurity does not guarantee safety, but malware developers are a lot less likely to develop new threats that specifically target a third-party antivirus like Avira or F-Secure.

Even Microsoft Says You Should Use Something Else

Still not convinced that you should look for a third-party security suite? Then perhaps you’ll take Microsoft’s advice!

Holly Stewart, senior program manager of the Microsoft Malware Protection Center, told Dennis Technology Labs that the company only pursues a “baseline strategy.” In other words, MSE isn’t designed to be good, and is instead developed to head off only the most prevalent attacks. She also said that “the natural progression is that we will always be on the bottom of these [antivirus] tests.” This is allegedly because Microsoft actively shares what it knows about security threats with third-party partners.

Conclusion

A good antivirus stops the vast majority of threats, has features that protect against a wide range of threats, and doesn’t see its effectiveness reduced by fakes or threats specifically designed to circumvent it.

Your email address will not be published. Required fields are marked *

Comment

Name *

Email *

Ed

January 2, 2015 at 7:36 am

If I remember correctly, in the upgrade from Widows 8 to 8.1 that I did for someone, a pop-up warning said that a real-time AV program was recommended when I enabled Windows Defender, thinking it was the same program as in previous versions of Windows

I think it should be pointed out that having only one real-time AV running is essential. I have removed as many as three real-time AVs (with current updates) from computers, with malware going undetected by all of them (both in real-time and in their scans) because they were fighting each other as well as using way too much of the resources of the system, making the computer very sluggish.

I DO, however recommend using Malwarebytes manual scans regularly as a supplement to ONE real-time AV program, this also has the advantage of detecting the bloatware that accompanies many free program downloads, some of which actually interfere with the OS, browsers, and AV functioning correctly.

My personal choice has been AVG Free, but there are many free and paid choices out there that are also very effective. I do not recommend MSE because I have had to remove more malware from computers running MSE than any one real-time (up to date) AV.

Nothing worse than multiple A/V programs running on the same computer. Pick one and stick with it if it's doing its job: my favorite is still MSE or the baked-in Defender that comes with Win 8. Set it and forget about it. Set up a standard (not administrative) account that you will use as your regular one on the computer. Also, it doesn't hurt to use Firefox or Midori (yes, Midori) instead of Internet Explorer. Chrome/Chromium I don't recommend since it installs strange files across the system. If still super paranoid about viruses, stick Linux Mint or OpenSuse in VirtualBox and only browse the internet through there. Finally, another thing to do on the Windows side is to install a text-only email (non-html) program that pops open html attachments separately in a browser: I recommend Sylpheed since it has a small footprint and is fast.

I see many comments here about running MULTIPLE A/V software. If you really want to HOSE your system, by all means do that! I make a TON of $$$ taking multiple A/V products off systems that slow down to a crawl because the multiple A/V software are fighting each other for supremacy! The old adage that if one is good, then 2, 3 or 4 is better is total FUD.

For the average (read clueless) user, one of the name brand A/V programs is essential, but still cannot prevent stupid mistakes. Many of the more dangerous 'popup' ads not only do their damage because you click on them giving them PERMISSION, but many also disable the most common A/V programs at the same time. Stupid is as stupid does and no amount of protection can prevent stupid. The number of times I have found A/V installed but disabled/crippled is a long list.

As a computer professional I don't run ANY of these A/V products, with the exception of ADBLOCK PRO and Firefox which prevents any popups from ever appearing. I don't use highly vulnerable mainstream mail clients either, and never open unknown e-mail attachments. Want a safe and effective e-mail client? Try 'TheBat!' Problem avoided!

would agree that MSE is not all that and is not the only AV to have installed on a PC workstation, but being free, lightweight and non-nagging it’s okay. Then again, nobody uses WordPad, but instantly will request MS Word only because of spell check. Over the 28+ years of dealing with business and end users from teens to NASA, it has a lot to do with the end user at the workstation. At first when an AV hits the market, it is a hot potato, Peter Norton’s

MSE, or as known in Windows 8 as Windows Defender (which is not the same as Windows Defender in Windows 7), has one overriding thing going for it, it is by far the simplest to use and it does its job and gets out of the way. There is literally no other AV software out there that I don't notice in some way (especially resource hogging). It does this so well that I didn't even notice it came with Win 8 until I tried to install it manually.

There is also the sense of good enough, there is no need to waste my time dealing with something more complicated than it as long as I am conscientious about what I am doing. The phishing protection is irrelevant since all major web browsers now have that built in, and last time I checked, IE11's was the best. I have been using only MSE/Windows Defender and Windows Firewall for the better part of 3 years now without a single problem.

I personally wouldn't use anything else that's free - even though Avast may currently be the best - for the same reason that I don't run Linux on computers I don't depend on; I don't trust the support I will get from people that have no incentive to help me.

Long story short for people like myself and my paranoid parents, I recommend MSE, for people like my brother who will actually click on the "Shoot 3 ducks, win an iPad" thing, I recommend whatever the current best paid AV is, because chances are, they'll need all its capabilities and the support.

What a load of crap. Did you know that Dennis tech will let you see and appeal the results of the test before the final release.....for a FEE. Test my butt, this is a money grab and the highest bidder gets the badge....

Next time tell the public who were the companies that paid to see the test as it was being conducted, it might surprise you.

Nice links back to the testing sites BTW, paid for press release to keep the cash flowing......

I use the built in windows defender in windows 8.1 along with open dns. I have enabled enhanced protected mode in IE11 and 64 bit processes for IE. I also use Software restriction policy. I use a separate user account for making payments online. I periodically scan with hitman pro (it has both bitdefender and Kaspersky engines) and found nothing. I feel the more knowledgeable the user the less likely his computer is going to get infected.

I take any article with a grain of salt when it links back to tests done almost two years ago. Especially when the article claims any app can be surpassed if it doesn't stay current. Perhaps a new round of tests should be done.

"Now that MSE is out, and used by millions of users, it too has become a target."
That is M$ FUD. The reason MSE is no longer effective is because M$ has not updated it as vigourously and as regularly as other security companies have updated their products. AVG, Avast, etc, because of their effectiveness, are also used by millions of users. They are also targets. Yet they manage to retain their effectiveness while MSE becomes leakier and leakier with time.

The problems with MSE are only a symptom of a fundamental, underlying problem with M$ software. Why is it that M$ with all its money, all its supposed technical expertise, all its supposed dedication to excellence, all its bright programmers, cannot turn out software that is secure and not full of bugs? Is it possible that the M$ applications were originally written and tested sloppily just to get them out to market and that faulty code still persists today? Other O/Ss, and applications written for them, do not have and never had anywhere near the problems that M$ products have.

Antivirus has NOTHING to do with continuing to protect XP. Microsoft has always stopped supporting operating systems after 10 years. It's the known vulnerabilities of these programs that will no longer be patched that make them a threat that NO Anti Virus will protect the user from. As far as Microsft Security Essentials , people choose to buy a Microsoft computer. Microsft Security Essentials comes from the maker of the equipment you chose to buy. There program has always, ALWAYS, out performed any free or paid for Anti Virus out there. It looks where others don't, and it does not nag you constantly. It requires the user to know what they are doing when they set it up initially, but has and always will out perform the other programs by looking in the right places and protecting the user.

For those of you running CCleaner on modern computers, shame on you. You run a old outdated program on a modern computer and then blame your Anti Virus for not doing it's job. Old computers did not do routine scheduled maintenance like new operating systems do. Performing updates, defrags, etc. You put CCleaner on a modern computer and those automated task schedules are gone FOREVER. Yet again, you blame your Anti Virus for being inferior, yet the user stopped the inbuilt tasks that keep you safe from holes in the operating system by putting outdated software on the system.

This whole article stinks of big companies who offer a free version and then nag you to pay trying to get people to pay for services that are not as good as the free versions and slow the computer down attacking truly free software from a company most people have trusted with their computing needs for YEARS!!

I cannot tell you the number of times we have gone to repair someone's computer to find they have one of the names on the list for Anti Virus, pull that garbage ofF they have had for years and replace it with Microsft Security Essentials only to find loads of viruses that these other programs did not find.

I haven't use any anti virus software on my Windows 7 PC for 4 years, and continuing with Windows 8. All I need is AdBlock. I know what I am clicking on and downloading. I am always careful for installers including bundled crapware like Chrome, Norton, & toolbars. But most novice users don't know this, or have computer smart. They just click yes to every UAC popup without reading the publisher. I would suggest using Malware Bytes Anti-Malware with real time protection.

On the rare occasion that I do download something that's from a site that I am not familiar with I usually run the executable through Virustotal.com to see what all of the different AV scanners think before installing on my PC.

In the past I've always used AVG Free + Ad-Aware Free. Now I'm using Avast Free and Malware Bytes Anti-Malware Free and I don't have any problems. Seems to work fine. Never like MSE much, so I've got that disabled.

Well, I have been using Win 7 with MSE for years now... visiting all kinds of websites... banking, shopping and downloading. MSE has caught / quarantined exactly ZERO malware all these years!! So maybe it's useless and my PC is infected/zombied without my knowing it?

But then, I regularly scan my PC with Kaspersky and Malwarebytes AV / Rootkit scanners -- and they too have found exactly NOTHING!

My conclusions:

1. Yes, there are bad things out there.
2. But they are relatively rare and the risk to home users who use common sense precaution plus a "baseline" AV like MSE is insignificant.
3. Good gawd... the HYPE one reads in the media and websites -- like MUO!! The shame!

Cheap strawman retort? NO ONE is saying "don't use AV". Anyone with a brain can tell from my writing above that I use AV (MSE) -- and I also regularly test MSE with Malwarebytes and Kaspersky!

But here's the thing. This day and age, any kind of a mishap or shortcoming -- and all the sites would be hollering (e.g. Flash shortcoming's). But is there really any outcry against MSE from actual MSE users -- above and beyond other AV users? NO!

Really, most all the outcry and warnings are from the usual media and website hypes!

NOTE: Just a home PC user with no work or financial ties to Microsoft whatsoever.

Nice point, buddy !! But tell me how you type passwords @ online banking sites, email sites and others without typing on keyboard / using mouse ? Oh, you must not have heard about key-loggers adware !!

to lmkdm7: Well said. On the other hand how can I install keylogger without admin priviledge? Oh, I can use hardware keylogger right. Another thing is some adds on websites - for this install AdBlock (plus its other components), Ghostery, WOT, and NoScript. Disable all plugins and enable them only when needed. Oviously this is not going to work with the BFU because he wants fun, not work. But beleive me, I have this setup and I am running with MSE without no issue even on admin account. Anyway the MSE might not be the best antivirus but other free antiviruses mentioned here contains some sort of adverts plus they use far more resources than MSE.

I agree that MSE is just a basic antivirus just like the firewall that came with Windows is basic and so you should look at others that come with more features, especially if you are on Windows XP. Antivirus vendors say they will continue to support Windows XP

For home use, I have to agree with Nikolaj. I've been running a slew of home computers (includes those run by kids and wife) for a long time. Since MSE was in its initial beta, that's been my sole solution outside of an occasional run of CCleaner. During that time, we've had exactly zero viruses and no evidence of critical malware.

How have I managed this? I keep teaching and reteaching the techniques to keep yourself safe.

First off computer safety is primarily the 6 inches between your ears. Secondly for a normal home user the risk is so extremly small. The threat is superhyped (by AV companies) and most people are well off with free software, among others MSE.

I don't understand how you can say "computer safety is primarily the 6 inches between your ears" when we literally just learned about an OpenSSL encryption error the average user did not know about and could nothing against.

I would agree that MSE is not all that and is not the only AV to have installed on a PC workstation, but being free, lightweight and non-nagging it's okay. Then again, nobody uses WordPad, but instantly will request MS Word only because of spell check. Over the 28+ years of dealing with business and end users from teens to NASA, it has a lot to do with the end user at the workstation. At first when an AV hits the market, it is a hot potato, Peter Norton's programs were the go to programs, today, Norton is bloated, blocks more than it protects and with the most experienced techs it is the first program uninstalled. I am called out when worst case scenarios arise, I've seen several thousand dollar servers with the latest yearly protection AV get taken down with a simple email that was opened and infects any shared folder on the network and the AV is disabled or programed into being corrupted. My typical rule, have an AV installed, pick from the top ranked during that year, keep in mind it will change, install some type of PAID malware protection that is running (malwarebytes, super anti-spyware, spybot) then have a hail-mary type of program like Combo Fix as your last resort before having to format. TL; DR - Have more than just one AV protection and pay for malware removing type of programs.